A new study by Sectigo, State of Website Security and Threat Report, reveals that 20% of SMBs have experienced a breach in the past year alone, even though nearly three-quarters believe their companies are mitigating risks effectively.
The new report details this perception gap, along with methods and frequency of SMB website attacks, the impact of breaches, security technologies in use, and expected website security spending for 2021.
In its inaugural report, Sectigo surveyed more than 1,100 website security decision-makers at SMBs and found that a significant number of businesses do not feel they are vulnerable to online threats, with 48% of respondents indicating that their business is “too small to be the target” of an attack.
Yet half of the SMBs surveyed have experienced a website breach at some point, with 20% reporting a breach in the last 12 months.
Furthermore, over 40% report a range of attacks targeting their website on a monthly or more frequent basis, with malware injection, data breaches, and brute force login attempts leading the list of attack vectors.
Of the SMB survey respondents who experienced a breach in the past year, only 3% reported “no impact” to their business due to the breach. Twenty-eight percent reported “severe” or “very severe” consequences stemming from a cyberattack—with 60% experiencing a website outage and more than a third incurring revenue loss.
Malware scanning and remediation, firewalls, and website backup tools are the most common website security technologies SMBs use to protect their websites. Nearly four in ten (37%) of those who experienced an attack in the past year concede said they had some form of website security in place at the time—further underscoring the need for better, or additional, website security.
Attack frequency and severity have many SMBs increasing spending. Eighty-one percent of respondents believe cyberattacks will become more sophisticated, and 75% believe attacks will occur more frequently in 2021. More than 72% of respondents say they collect or store sensitive data through their website, and half say that a website outage would have a serious impact on their business.
Explains Michael Fowler, President of Partners and Channels, Sectigo:
“As SMBs increasingly digitize their operations, their websites become mission-critical for communicating with customers and conducting business.”
“No business is too small a target. Attacks continue to evolve, and hackers are increasingly resourceful, making it critical for SMBs to invest in multi-layered solutions that stay ahead of ever-changing threats.”
The study found that 60% of SMBs currently spend $500/month or less on website security, with nearly half of all respondents planning to increase website security spending in 2021.
For more information, including overall study findings and key takeaways, download the Sectigo State of Website Security and Threat Report.